This Week In Cybersecurity: 19th to 23rd May, 2025

This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.

    Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign

    APT28, a Russian state-sponsored group, has been conducting a cyberespionage campaign since 2022, targeting logistics for aid to Ukraine. Compromising organizations in the U.S. and 12 European countries, they utilized methods such as credential guessing and spear phishing. The group hacked internet-connected cameras at strategic locations to monitor shipments. Their actions aim to disrupt logistical support and gather sensitive data from critical sectors like defense and transportation. Read more.

    Interlock Ransomware Suspected in Kettering Health System-Wide Outage

    Kettering Health is facing significant operational disruptions due to a cyberattack linked to the Interlock ransomware group. The incident led to the cancellation of elective procedures and affected call center operations. Cybersecurity firm PRODAFT connected the attack to the group, which is threatening to leak sensitive data unless a ransom is paid. This incident highlights the vulnerabilities in healthcare systems and the risks associated with ransomware attacks. Read more.

    Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations

    Marks & Spencer anticipates a £300 million ($402 million) profit loss due to a cyberattack attributed to the Scattered Spider group. This incident has caused extensive disruptions to their online retail systems, affecting operations and sales. Customer data was reportedly compromised, with systems remaining offline for recovery, which is expected to continue for months. The incident underscores the escalating threat landscape facing major retailers. Read more.

    3AM Ransomware Operators Use Spoofed IT Calls, Email Bombing for Network Breaches

    The 3AM ransomware group has leveraged spoofed IT support calls and email bombing to conduct credential theft and social engineering attacks. Since late 2024, over 55 attacks have been identified, typically lasting nine days, with data exfiltration occurring within three. This tactic exploits human trust, effectively bypassing conventional security defenses. Read more.

    Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains

    A coordinated international effort has dismantled the Lumma Infostealer malware network, resulting in the seizure of 2,300 domains used to control infected systems. Microsoft, Europol and partner law-enforcement agencies disrupted the criminal marketplaces that facilitated the malware's distribution. The operation impacted over 394,000 Windows devices, highlighting the importance of global cooperation in combating sophisticated cybercrime. Read more.

    Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools

    More than 100 malicious Chrome extensions were discovered that mimic trusted brands to steal user data. These extensions utilized typosquatting and phishing techniques, accessing sensitive information such as browser cookies. While many malicious extensions were removed from the Chrome Web Store, some remain active, illustrating the risks associated with browser-based threats. Read more.

    EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations

    The EU has imposed sanctions on Stark Industries and its leadership for aiding Russian cyber operations and disinformation campaigns. The company has been accused of facilitating cyberattacks against EU interests by providing hosting services to malicious actors. This action reflects the EU’s commitment to countering state-sponsored cyber threats and protecting its interests. Read more.

    Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients

    Serviceaide has exposed sensitive data of over 480,000 Catholic Health patients due to a misconfigured Elasticsearch database. The breach included personally identifiable information such as names, Social Security numbers, and medical records, raising concerns about identity theft. Although the company has secured the database, the potential misuse of the data remains a serious threat. Read more.

    Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident

    Coinbase confirmed a data breach affecting 69,461 customers due to unauthorized access by overseas contractors. Critical credentials were not compromised; however, personal identifiers like names and Social Security numbers were exposed. Attackers could use this information for social engineering scams. Following the breach, Coinbase faced a ransom demand but opted to offer a reward for information on the attackers instead. Read more.

    RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer

    A supply chain attack on RVTools, a VMware management utility, delivered Bumblebee malware through a trojanized installer via fake domains. Malicious software versions were distributed, leading to significant data breaches in enterprise environments. Researchers identified discrepancies in file hashes, raising concerns about the integrity of the software and its distribution channels. Read more.

    Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities

    More than 100 malicious Chrome extensions impersonating reputable brands were found stealing user data. These extensions used deceptive tactics to gain access to sensitive information while claiming to offer legitimate functionalities. The campaign highlights the ongoing risks associated with browser extensions and the exploitation of user trust in the digital environment. Read more.

    PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme

    The individual involved in a data breach at PowerSchool has pleaded guilty to extorting student information. The attack exposed sensitive data, including personal details of students and staff. This incident reflects the persistent challenges in securing educational data against cybercriminal activities. Read more.

    Tesco Aldi Supplier Peter Green Chilled Hit by Ransomware Disrupting UK Retail Supply Chains

    Peter Green Chilled, a supplier for Tesco and Aldi, suffered a ransomware attack that disrupted UK retail supply chains. The incident caused operational delays, raising concerns over the vulnerabilities of supply chain partners in the food industry. This attack highlights the increasing trend of ransomware targeting essential services. Read more.

    SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers

    A malware breach at SK Telecom persisted for three years, compromising personal data of 27 million customers. Unauthorized access to sensitive information raises alarms about the security of telecom infrastructure. This incident underscores the urgent need for robust cybersecurity measures to protect customer data in the telecommunications sector. Read more.

    Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages

    Cellcom confirmed that a cyberattack was responsible for extended service outages. The breach affected customer access and raised concerns about the security of mobile networks. The company is investigating the incident to assess the impact on customer data and service reliability. Read more.

    Vanhelsing Ransomware Builder Leaked by Former Developer on Hacking Forum

    A former developer leaked the Vanhelsing ransomware builder on a hacking forum, potentially increasing the risk of ransomware incidents as more attackers gain access to the tool. This leak emphasizes the ongoing threat of ransomware as malicious tools become widely available in underground communities. Read more.

    Scattered Spider Breached MS via Third-Party TCS Credentials, Sources Confirm

    The Scattered Spider group successfully breached Microsoft using compromised third-party credentials from TCS. This incident highlights vulnerabilities associated with third-party access and emphasizes the need for stringent controls over vendor relationships to safeguard sensitive data. Read more.

    Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers

    A trojanized KeePass installer was linked to ransomware attacks on VMware ESXi servers, exploiting installation vulnerabilities for unauthorized access. This incident underscores the risks associated with software installation practices in enterprise environments and the need for rigorous security protocols. Read more.

    Telemessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets

    A breach at Telemessage exposed extensive U.S. government messaging data, with a 410GB archive published by DDoSecrets. This incident raises serious concerns about the security of government communications and the potential for misuse of sensitive information. It highlights the need for enhanced cybersecurity measures within government agencies. Read more.

    Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays

    Arla Foods faced a cyberattack that disrupted operations at its German production facility, leading to significant delivery delays. This incident reflects the ongoing risks facing food supply chains and the impact of cyberattacks on operational continuity. The attack underscores the vulnerability of critical supply chain infrastructure. Read more.

    O2 Flaw Leaked Customer Geolocation Data to Any Caller

    A vulnerability in O2’s system allowed unauthorized access to customer geolocation data, exposing sensitive information to potential exploitation. This breach emphasizes the importance of securing telecom systems against such vulnerabilities to protect customer privacy effectively. Read more.

    Coinbase Insider Breach Exposes Customer Data and Government IDs, $20M Ransom Rejected

    An insider breach at Coinbase exposed sensitive customer data, including government IDs of 69,461 users. Following the breach, a ransom demand was issued, which Coinbase rejected, opting instead to offer a reward for information on the attackers. This incident highlights the risks associated with insider threats in the cryptocurrency sector. Read more.

    Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025

    At Pwn2Own Berlin 2025, hackers targeted zero-day vulnerabilities in VMware ESXi and Microsoft SharePoint, showcasing the continuous threat to enterprise software. The event emphasized the critical importance of vulnerability disclosure and the need for timely patches to protect against exploitation. Read more.

    Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks

    Adidas and Dior confirmed that customer data was compromised following targeted cyberattacks. These incidents highlight the increasing trend of high-profile brands being targeted for sensitive information, emphasizing the urgent need for enhanced security measures to protect customer data. Read more.

    Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments

    Ransomware gangs have started using Skitnet malware for post-exploitation attacks, enhancing their capabilities within enterprise environments. This malware facilitates lateral movement and data exfiltration, demonstrating evolving tactics used by cybercriminals to exploit vulnerabilities effectively. Read more.

    Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner

    A supply chain breach at an ADP partner led to the leak of employee data from Broadcom. The incident underscores the risks associated with third-party vendors and the potential for data exposure in interconnected systems. It highlights the need for stringent security practices in vendor management. Read more.

    SK Telecom Data Breach Exposes Nearly 27 Million SIM Records

    A data breach at SK Telecom exposed nearly 27 million SIM records, raising concerns regarding the security of mobile operator data. This incident highlights vulnerabilities within telecom infrastructure and the critical need to safeguard sensitive customer information. Read more.

    Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants

    A data breach at the Legal Aid Agency exposed sensitive information pertaining to legal aid applicants. This incident raises significant concerns regarding the protection of personal data within governmental agencies and the potential for misuse. Read more.


    Podcasts

    Deepfake Threats, Mobile Biometrics, and the Future of Trust

    This episode examines the implications of deepfake technology and mobile biometrics on trust in digital interactions. Experts address the rise of deepfakes and their potential for misuse, alongside the necessity of biometric security for identity verification. The discussion emphasizes the urgent need for robust methods as these technologies evolve. Listen now.

    119,000 ICS Devices Exposed: The Internet’s Hidden Infrastructure Risk

    This podcast highlights the exposure of 119,000 Internet-connected industrial control system (ICS) devices, underlining vulnerabilities in critical infrastructure. Experts discuss the risks posed to industrial control systems and the potential for exploitation by cybercriminals. The dialogue emphasizes the need for enhanced security measures to protect vital infrastructure from emerging threats. Listen now.

    Arla Foods: Upahl Site Hit by Cyberattack – What It Means for Food Supply Chains

    This episode discusses the implications of the cyberattack on Arla Foods’ Upahl site, focusing on operational disruptions within food supply chains. Experts analyze the attack’s effects on food distribution and the broader vulnerabilities of supply chains to cyber threats. Listen now.

    Bypassing Antivirus: What DefendNOT Reveals About the Weak Spots in Windows Security

    This episode investigates DefendNOT’s findings regarding antivirus vulnerabilities in Windows systems. Experts outline methods used to bypass security measures, highlighting the implications for users. The conversation emphasizes understanding these weaknesses to enhance overall cybersecurity. Listen now.

    BreachRx Raises $15M to Automate the Chaos of Incident Response

    The podcast discusses BreachRx’s recent funding aimed at automating incident response processes. Experts analyze how the platform seeks to streamline efforts during cyber incidents, increasing efficiency and reducing chaos. The conversation highlights the significance of automation in modern cybersecurity strategies. Listen now.

    110,000 Records Compromised: The NRS Cybersecurity Failure

    This episode covers the NRS cybersecurity breach that compromised 110,000 records. Experts discuss contributing factors and the implications for data security. The conversation emphasizes the need for improved cybersecurity measures to prevent similar breaches in the future. Listen now.

    CISA Flags Chrome Vulnerability CVE-2025-4664: Patch Before June 5th

    This episode focuses on the Chrome vulnerability CVE-2025-4664 identified by CISA. Experts stress the urgency of applying the patch before the June 5 deadline to mitigate risks. The conversation highlights the importance of timely updates in maintaining browser security. Listen now.

    483,000 Patients at Risk: Catholic Health Vendor Breach Exposes Critical Data

    This podcast examines the breach affecting Catholic Health vendors, exposing critical data of 483,000 patients. Experts discuss implications for patient privacy and the potential for identity theft. The conversation underscores the need for robust security measures in healthcare data management. Listen now.

    Kettering Health Breached: What the Interlock Ransomware Group Did and Why It Matters

    The discussion focuses on the ransomware attack against Kettering Health, attributed to the Interlock group. Experts analyze the tactics used in the attack and its significance in the broader context of healthcare cybersecurity vulnerabilities. Listen now.


    Blogs

    Quantum-Safe Encryption in Cybersecurity

    This blog discusses the importance of quantum-safe encryption as cybersecurity evolves. It examines potential vulnerabilities linked to quantum computing and emphasizes the necessity for robust encryption methods to safeguard sensitive data in the future. Read more.

    How Can I Protect Myself from the M&S Cyberattack?

    The blog provides insights on protecting oneself following the Marks & Spencer cyberattack. It outlines practical steps individuals can take to safeguard their data and mitigate risks associated with similar incidents in the future. Read more.